eMedi Health Care (hereinafter referred to as the “Company”) operates a VITAL RING service (hereinafter referred to as the “Service”) and values your personal information.
This Privacy Policy explains how the personal information provided by members is collected, used, shared, and protected.
Article 1 (Purpose of collection and use of personal information)
The Company collects and utilizes members’ personal information for the following purposes.
| Category | purpose of collection |
|---|---|
| Membership registration and service use | Member identification, account management, service delivery |
| Measure and analyze health data | Collect and analyze biometric signals such as heart rate, blood oxygen saturation, skin temperature, etc |
| Custom Health Services | Health Analysis and Customized Coaching |
| Accrual and usage management of points | Accrual points, management of usage internal management, and connection of points mall |
| Use and payment of affiliated content | Connect affiliate health services and product purchases |
| Customer Inquiries and Consultations | Responding to inquiries about service use |
| Compliance with laws and regulations | Fulfillment of legal obligations, security and prevention of unauthorized use |
Article 2 (Personal Information Items and Methods to Collect)
① Personal Information Items Collected
Companies can collect the following personal information in the process of membership, service use, and consultation.
1. Information collected at the time of membership registration
- Mandatory information: Name, birth year, gender, height, age, weight, email, mobile number
- What to choose: Profile pictures and more
2. Automatic collection information while using the service
- Device information: Mobile device model name, operating system (OS) version, app usage history, etc
- Bio-signal information: heart rate, blood oxygen concentration, skin temperature, sleep pattern, activity, heart rate variability, etc
- Log data: usage time, error history, etc
3. Information collected when using point mall (Point mall operator: Homijae Co., Ltd.)
Personal information provided by members when using the point mall is linked to Homijae Co., Ltd. (point mall operator) and is collected for purchase and delivery of products.
- Point usage and accrual history
- Record purchase history and refund request
4. Information collected during customer consultation and inquiries
- Consultation content, inquiry type, email, phone number
② How to collect personal information
The company collects personal information in the following ways.
- Enter directly in the process of signing up for membership and using the service
- Automatic collection via VITAL RING devices and mobile apps
- Collected during customer center inquiries and consultations
Article 3 (Period of possession and use of personal information)
In principle, the company destroys the information without delay after the purpose of collecting and using personal information is achieved.
① Retention period
- Membership information: Deleted within 30 days of membership withdrawal
- Health data and usage history: five years after service termination and deletion
- Point usage history: 5 years of storage for compliance with legal obligations
② Retention period according to laws and regulations
If the law requires storage for a certain period of time, keep it as follows.
| Stored Items | Retention Period | Applicable Law |
|---|---|---|
| Record of withdrawal of contract or subscription | 5 years | Act on Consumer Protection in Electronic Commerce, etc |
| Payment and point usage details | 5 years | Act on Consumer Protection in Electronic Commerce, etc |
| Consumer Complaints and Counseling Records | 3 years | Act on Consumer Protection in Electronic Commerce, etc |
Article 4 (Providing Personal Information to a Third Party)
The company does not provide personal information to third parties without the consent of the members.
However, information may be provided to the following organizations for service operation and provision of affiliated content.
| Recipient | Purpose of Provision | Provided Items | Retention and Usage Period |
|---|---|---|---|
| ZTACOM Co., Ltd. | Health Data Analysis and AI Service Delivery | Bio-signal data (heart rate, SpO₂, etc.) | Delete after 6 months of storage |
| Thysmogram Labs | Link health indicators, transfer point wallet and transfer services | Health Score, Point Usage, Point Transition History | Delete after 6 months of storage |
| Homijae Co., Ltd. | Operation of point mall and delivery of goods | Point usage history, shipping information | Keep it for 5 years |
Article 5 (Consignment of Personal Information Processing)
The company entrusts personal information processing tasks as follows.
| Entrusted Company | Entrusted Task | Retention and Usage Period |
|---|---|---|
| Google Cloud Platform (GCP) | Service Data Archive and Server Operations | until the withdrawal of membership |
| Google Firebase | Send push notifications, manage app error logs, and provide self-authentication services | until the withdrawal of membership |
Article 6 (Procedures and Methods for Destruction of Personal Information)
In principle, the company will destroy personal information immediately if the retention period of personal information has elapsed or the purpose of processing has been achieved.
① a procedure for destruction
- Personal information whose retention period has expired is deleted without delay, or if prescribed by law, it is stored separately and destroyed during the legal storage period.
- The company regularly checks the retention period of the data in accordance with its internal policy, and immediately deletes unnecessary information.
② How to destroy it
- Electronic documents and cloud storage data
- Personal information stored in Google Cloud Platform (GCP) and Firebase is destroyed in a form that cannot be recovered by applying a data permanent deletion method.
- It is automatically deleted from the database, and backup data is permanently deleted through the Retention Policy after storage for a period of time.
- Log and session data
- Service usage records (log files, etc.) are regularly deleted by the automatic deletion system after a period of storage.
- Remaining points and temporary data are periodically initialized through an automatic cleanup process.
Article 7 (Members’ rights and methods of exercising them)
Members may exercise the following rights at any time.
- Request for personal information inquiry and correction
- Request to delete personal information and leave service
- Request for the provision and withdrawal of personal information
Request method: Contact the setting menu or customer center (email, phone) in the VITAL RING app
Article 8 (Technical and administrative measures for the protection of personal information)
The company implements the following measures to protect personal information.
- Technical Protection Measures: Data Encryption, Firewall Enforcement, Access Control System Operations
- Administrative Protection Measures: Managing access to personal information, conducting regular security training
Article 9 (Personal Information Protection Officer and Contact Person)
Members can receive inquiries and complaints related to privacy below.
Director of Privacy:
- Name: In-gyu Lee
- Contact Information: info@emedihealthcare.com
Supplementary Provisions
This Privacy Policy will take effect on February 26, 2025. The previous terms and conditions will be replaced by these terms and conditions.